Specifications

ManualsBrandsCisco ManualsComputer equipmentIGX 8

241

242

243

244

245

246

247

248

249

250

10-29

Cisco IGX 8400 Series Provisioning Guide, Release 9.3.3 and Later Releases

OL-1166-04

Chapter 10 Cisco IGX 8400 Series IP Service

IP Service—Functional Overview

Figure 10-14 Using MPLS to Build VPNs

One strength of MPLS is that providers can use the same infrastructure to support many VPNs and do

not need to build separate networks for each customer. VPNs loosely correspond to “subnets” of the

provider network.

This solution builds IP VPN capabilities into the network itself, so providers can configure a single

network for all subscribers that delivers private IP network services such as intranets and extranets

without complex management, tunnels, or VC meshes. Application-aware QoS makes it possible to

apply customer-specific business policies to each VPN. Adding QoS services to MPLS-based VPNs

works seamlessly; the provider Edge LSR assigns correct priorities for each application within a VPN.

MPLS-enabled IP VPN networks are easier to integrate with IP-based customer networks. Subscribers

can seamlessly interconnect with a provider service without changing their intranet applications,

because these networks have application awareness built in, for privacy, QoS, and any-to-any

networking. Customers can even transparently use their private IP addresses without NAT.

The same infrastructure can support many VPNs for many customers, removing the burden of separately

engineering a new network for each customer, as with overlay VPNs.

It is also much easier to perform adds, moves, and changes. If a company wants to add a new site to a

VPN, the service provider only has to tell the CPE router how to reach the network, and configure the

LSR to recognize VPN membership of the CPE. BGP updates all VPN members automatically.

This scenario is easier, faster, and less expensive than building a new point-to-point VC mesh for each

new site. Adding a new site to an overlay VPN entails updating the traffic matrix, provisioning

point-to-point VCs from the new site to all existing sites, updating OSPF design for every site, and

reconfiguring each CPE for the new topology.

Edge LSR

Customer B

10.1.1

VPN 354

CE CE

Customer A

10.2.1

VPN 15

MPLS network

Customer A

10.1.1

VPN 15

(15) 10.1.1

Customer A

10.3.1

VPN 15

Customer B

10.2.1

VPN 354

Controlled route distribution

(354) 10.1.1

(354) 10.2.1

(15) 10.3.1

(15) 10.2.1

25098

Edge LSR

Forwarding examples

OUT

(15) 10.2.1

(354) 10.2.1

(15) 10.1.1

(15) 10.3.1

(354) 10.1.1